Saturday, 18 August 2012

SECURITY_DENIED_BY_MIMEMAP Hosting WCF Services in IIS 7 Classic Mode

Another one of those gotchas where the error message doesn't actually have anything to do with the problem...

One of our apps includes a WCF service endpoint that's called by some of our other systems. This works perfectly in production, but when I fired it up locally this morning to fix a bug, I just couldn't get the thing to run properly - the right handlers were mapped, the file permissions were OK, but every time I pointed a browser at http://www.mysite.com.local/some_app/endpoint.svc , I got an HTTP 403 Forbidden.

Turning on IIS failed request tracing gave me one of those incredibly detailed XML dump files:

So... SECURITY_DENIED_BY_MIMEMAP. Which is a little odd, because I was pretty sure MIME mapping only applied to static content - but sure enough, I tried setting up a MIME mapping for .svc files - mapped to application/xml. This didn't work - IIS just sent me the .svc definition file instead of actually executing it...

Turns out that the problem is our production servers are 32-bit and our development boxes are x64 - and I hadn't gone into the IIS Application Pool for this app and enabled 32-bit applications.

Quite why this results in the misleading MIME type error is one of those little mysteries that makes IIS such fun to work with, but that solved it for me.